Researchers who found the flaws scored beer money bounties and warn the problem is probably pervasive Exclusive Security researchers hijacked three popular AI agents that integrate with GitHub Actions by using a new type of prompt injection attack to steal API keys and access tokens, and the vendors who run agents didn’t disclose the problem.…
Agents hooked into GitHub can steal creds – but Anthropic, Google, and Microsoft haven't warned users
Jessica Lyons·The Register··1 min read
T
Continue reading on The Register
This article was sourced from The Register's RSS feed. Visit the original for the complete story.